It turns out that the demo of a game scheduled for release on Steam was 'information stealing malware'
It was discovered that a file distributed as an early preview version of the game 'Sniper: Phantom's Resolution,' which was scheduled to be released on Steam in the first half of 2025, could infect PCs with malware that could steal data. The developer claimed that it was a third party, but the Steam management company, which received the report, removed the game's distribution page.
Steam pulls game demo infecting Windows with info-stealing malware
Valve pulls plug on Sniper: Phantom's Resolution demo after malware reports surface
https://www.2-spyware.com/valve-pulls-plug-on-sniper-phantoms-resolution-demo-after-malware-reports-surface
The game in question, 'Sniper: Phantom's Resolution,' is a shooter posted on Steam by a developer called Sierra Six Studios. The game's description reads, 'Play as Phantom, a sniper contractor who must navigate harsh environments and face moral dilemmas.'
While most games have demos available directly from Steam, this one was distributed on GitHub, and after a user analyzed it, they discovered that the installer file was named 'Windows Defender SmartScreen.exe' and contained attack tools such as a privilege escalation utility.
The malware had the ability to run a Node.js script and then immediately exit to avoid detection, and to add a malicious executable to the startup task to ensure persistence.
A user who reported the issue on the bulletin board social news site Reddit wrote in a post on March 17, 2025, 'All of the promotional art for the game is clearly ripped from other games. Luckily, you can't download anything from the Steam page itself, but the game's website has very little information, but instead there is a link to a free demo. And this demo is clearly a disguised virus, the domain was just registered a week ago.'
The developer released a statement on Steam stating, 'We are pleased to inform you that our game Sniper: Phantom's Resolution will be available exclusively on Steam. Any other websites, links, or offers claiming to offer our game outside of Steam are fraudulent and may pose a security risk,' suggesting that a third party had distributed malware under the guise of their own game, but Steam users have responded coldly, calling them 'despicable developers.'
In addition, the GitHub account that distributed the malware also distributes other suspicious tools such as cryptocurrency tools and Telegram bot tools, so it is highly likely that the game was created with malicious intent, according to the IT news site Bleeping Computer.
After receiving reports from users, GitHub immediately removed the repository in question, and Valve removed the game from the Steam store on March 20, 2025. The developer's website was also taken offline shortly after the problem was discovered.
It was recently discovered that in February 2025, a free game laced with infostealer was available on Steam for a week.
It turns out that a free game distributed on Steam for a week contained 'malware that steals passwords' - GIGAZINE
In this case, the malware was distributed via GitHub rather than Steam, but it is true that titles that appear to be counterfeit games made using assets from other games with the aim of distributing malicious software managed to get past Steam's review and be listed on the store.
2-Spyware, a news site that provides information on spyware, said, 'This security incident at Steam shows how this trusted platform is balancing the need to maintain accessibility for small game studios with the ever-evolving threat of cybercriminals. The gaming community continues to wait for Valve's measures to protect millions of users from future unseen threats.'
Related Posts:
